Free Malware Removal Forum

Welcome to MalwareRemoval.com,What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

I'm running Windows XP (sp2) and IE7. Continous problem with accessing hotmail accounts. We can open our hotmail inbox but when we attempt to open a email, IE closes. I have followed a Microsoft communities newsgroups to hijackthis and then this site. I have attached the log from hijackthis. Please help!

My name is Carolyn and I'll be glad to help you with your computer problems. HijackThis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens.

Please reply to this thread, do not start another. Please tell me about any problems that have occurred during the fix. Please tell me of any other symptoms you may be having as these can help also. Please try as much as possible not to run anything while executing a fix.

As I am still in training, everything that I post to you must be checked by one of the teachers. Thus, there may be a bit of a delay between posts, but it shouldn't be too long.

If you follow these instructions, everything should go smoothly.

we are currently looking at your log now and will be back as soon as possible with your instructions. while you are waiting one other thing that can be of good use is an uninstall list so please do the following

Make an uninstall list using HijackThis To access the Uninstall Manager you would do the following:

1. Start HijackThis2. Click on the Config button3. Click on the Misc Tools button4. Click on the Open Uninstall Manager button.5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in your next reply.

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

LimeWire

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current malware infestation

A file called look.txt should appear on your Desktop. Please post the contents of this file.

Step 3: Your copy of HijackThis needs to be in a folder of it's own. When HJT fixes anything, it makes backups of the original files in the folder it is in. For this reason it cannot be run from a Zip file or from Temporary folders because the backups will be deleted. Having the backups could be VITAL to restoring your system if something went wrong in the FIX process!

Before clicking the Finish button, make sure that these 2 boxes are checked (ticked):

Update Malwarebytes' Anti-Malware Launch Malwarebytes' Anti-Malware

Malwarebytes' Anti-Malware will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.

Select the Scanner tab. Click on Perform full scan, then click on Scan.

Leave the default options as it is and click on Start Scan.

When done, you will be prompted. Click OK, then click on Show Results.

Checked (ticked) all items and click on Remove Selected.

After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.

Event Record #/Type20848 / WarningEvent Submitted/Written: 06/18/2008 09:52:57 AMEvent ID/Source: 36 / W32TimeEvent Description:The time service has not been able to synchronize the system timefor 49152 seconds because none of the time providers has been able toprovide a usable time stamp. The system clock is unsynchronized.

YES....more than ever! I've run into problems downloading Kaspersky because my computer refuses to open IE 90% of the time. I have checked my wireless connection. The computer is connected, with a strong signal but IE will not open. After multiple attempts, I can usually get into IE for a short time before it shuts down on me. I have managed to get all the other steps done up to Kaspersky. I will continue working on it and get back to you in another day.

Remove Poker program From your log I can see you've installed poker programs. A lot of poker programs are infected/can infect you with malware. I would advise you to go to Add/Remove programs and uninstall PokerRoom.com.

I recommend that you register before posting your problem. Registered members can receive notification when there has been a reply to their topic. There is no way for CCSP to notify "guests" when they have received a reply.

This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are

Your log now appears to be clean. Congratulations!

You can get rid of the tools we used:

Double click OTMoveIt2.exe to launch the programme.

Click on the CleanUp! button.

OTMoveIt will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.

Select Yes when the "Begin cleanup Process?" prompt appears.

If you are prompted to Reboot during the cleanup, select Yes.

When finished exit out of OTMoveIt

The tool will delete itself once it finishes, if not delete it by yourself.

Please take the time to tell us what you would like to be done about the people who are behind all the problems you have had. We can only get something done about this if the people that we help, like you, are prepared to complain. We have a dedicated forum for collecting these complaints Malware Complaints. You need to be registered to post as, unfortunately, we were hit with too many spam posts to allow guest posting to continue. Just find your country room and register your complaint.

General Security and Computer Health Below are some steps to follow in order to dramatically lower the chances of reinfection. You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.

Make sure that you keep your antivirus updated New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

Install and use a firewall with outbound protection The Windows firewall only monitors incoming traffic, NOT outgoing. Using a software firewall in its default configuration to replace the Windows firewall greatly reduces the risk of your computer being hacked. Make sure your firewall is always enabled while your computer is connected to the internet.Note: You should only have one firewall installed at a time. Having more than one firewall installed at once is likely to cause conflicts and may well decrease your overall protection as well as seriously impairing the performance of your PC.

Security Updates for Windows, Internet Explorer & Microsoft Office Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.Note: The update process uses ActiveX, so you will need to use internet explorer for it and allow the ActiveX control to install.

Update Non-Microsoft Programs Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.

Make Internet Explorer More Secure You are using Internet Explorer v. 7. Therefore please read and follow the recommendations at this SITE

Recommended Programs

I would recommend the download and installation of some or all of the following programs (if not already present), and the updating of them on a regular basis.

Malwarebytes' Anti-Malware and a Free Anti-Virus ProgramAd-Aware is no longer one of our recommeded programs. A better option is to use Malwarebytes' Anti-Malware, which you downloaded earlier, along with an anti-virus program. Malwarebytes' Anti-Malware is an anti-malware application that can thoroughly remove even the most advanced malware. It includes a number of features, including a built in protection monitor that blocks malicious processes before they even start.You can download Malwarebytes' Anti-Malware from HERE. You can find a tutorial HERE.Here are some Anti Virus products which are free for personal use and most used:AntiVirAvastBitDefender

Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.

WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit HERE.

SpywareBlaster SpywareBlaster sets killbits in the registry to prevent known malicious ActiveX controls from installing on your computer. If you don't know what ActiveX controls are, see HERE. You can download SpywareBlaster from HERE.

Hosts File For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is HERE and for more information regarding host files read HERE.

Be sure to disable the service "DNS Client" FIRST to allow the use of large HOSTS files without slowdowns. If this isn't done first, the next reboot may take a VERY LONG TIME. This is how to do it. First be sure you are signed in as a user with administrative privileges:

Stop and Disable the DNS Client Service Go to Start, Run and type Services.msc and click OK. Under the Extended Tab, Scroll down and find this service.DNS Client Right-Click on the DNS Client Service. Choose Properties Select the General tab. Click on the Stop button. Click the Arrow-down tab on the right-hand side at the Start-up Type box. From the drop-down menu, click on Manual Click the Apply tab, then click OK

Use an alternative Internet Browser Many of the exploits are directed to users of Internet Explorer. Try using a different browser instead:FirefoxOpera

Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date.

I'm still experiencing major problems connecting to the Internet. I had hoped this was linked to the malware but I guess not. We have a router that three computers and a PS3 connect through and this computer is the only one with a problem. I've been to the Microsoft website for troubleshooting with IE7 (in fact, that's how I found this site!) but it was no help. I'll keep working on that.

For a firewall, I have been relying on our router to do the job. The router is supplied by my husband's employer for his home office and is supposedly secure.

I have been using Norton Antivirus but have not been impressed by what it has missed. I will check out the links you have provided.

Who is online

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.